lumma | 28299a22e0425e074307f2475de68220921264d07488433a23428fe2e51ffe34 | Triage

Sharing

General

Target

28299a22e0425e074307f2475de68220921264d07488433a23428fe2e51ffe34
Size

14.8MB
Sample

240908-cg761aydnn
MD5

b04d0d046519a79dda3cfac8eb813a49
SHA1

2dbf64698b8f06272ad70bb1ca3dacf484585ab8
SHA256

28299a22e0425e074307f2475de68220921264d07488433a23428fe2e51ffe34
SHA512

25111547826b695d2fb45ed9e07f1cf70f8a3f1499865151bd0539375af9dbe385d048752e80bdec3c3965ed9590f27820405183c2c48b617be259b44991af56
SSDEEP

393216:/OduDYjAhCtpejvlqJ4hdCVZAWDe5bspECWvaObxjso:hvhfv+4hcZAWEwECxObxjso

Score

10^/10

lumma discovery stealer

Malware Config

Extracted

Family

lumma

C2

https://condedqpwqm.shop/api

Targets

- Target
  
  193a7535d9e2ca7440508096ad5834b68bc690034daf47b6c386dc021ceebd7c.exe
- Size
  
  96.5MB
- MD5
  
  c03bb58999a808abf475fd635ac2b4d1
- SHA1
  
  30f4d34297258b92e588d084a0ed23d06178fdb2
- SHA256
  
  193a7535d9e2ca7440508096ad5834b68bc690034daf47b6c386dc021ceebd7c
- SHA512
  
  14798ada2eac3aad5e0b6d2811fbb101c055506c87df642b8934fde39ba81816ee5bec873a60cf8b807d19720a71d0a6d88ca6f34c4f40609cc1fc9561eb9b2b
- SSDEEP
  
  196608:KqvjC3iI1TYFZB5l8tu2dCwd0LiHjeXbl2WIDwKC9xcGWEvGTBVdpFRH5TZKKb5L:W3i7DuLdaJE/wKC3syOVdnz
Score

10^/10

discovery lumma stealer
- Lumma Stealer, LummaC
  Lumma or LummaC is an infostealer written in C++ first seen in August 2022.
  stealer lumma
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lummadiscoverystealer